Re: Using a removable-device-recorded passphrase to decrypt a system

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Heinz,

I doubt it. It is a valid question, bit also one any halfway
competent implementor of crypto on Linux has to ask themselves.

Without verifying what is actually done (Milan is the expert for 
that), I assume:

- Passphrases get stored only in locked memory and that does
  not get swapped. (Root permissions are needed anyways for
  setting up any mapping. E.g. GnuPG has a harder job here
  as it does not necessarily run as root. AFAIK it uses a
  suid second stage exactly for the purpose of having locked
  memory.)
- Passphrases are wiped from memory as soon as possible.
- I have no idea whether locked memory can end up in a 
  core-dump, but usually these are disabled anyways.
- In-kernel keys are protected against leaking to disk.

The thing is, system encryption is not easy to do and conceptually
does not help a lot. If it was necessary to prevent having
passphrases/keys to disk, that would be a major security flaw
in the handling of said passphrases/keys and it would affect 
other things as well, like GnuPG, OpenSSL, etc. and so I hope
somebody would have complained by now if that was a real issue.

Gr"usse,
Arno


On Fri, Jun 26, 2015 at 14:59:18 CEST, Heinz Diehl wrote:
> On 26.06.2015, Arno Wagner wrote: 
> 
> > My advice is to not encrypt the system partition itself, just
> > all user and data partitions.
> 
> I wonder if the passphrase could leak to the unencrypted system partition in such
> a scenario. E.g. memory contents dumped to disk while crashing or
> similar. In fact, I don't know what is possible or not, I'm just
> curious..
> 
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux